[policycoreutils] Update to upstream * Use correct color range in mcstrand by Richard Haines.

Daniel J Walsh dwalsh at fedoraproject.org
Wed Apr 13 20:52:49 UTC 2011 

commit 9f65a268643b8a74edc3634076c29d61a3864132
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Wed Apr 13 16:52:53 2011 -0400

    Update to upstream
    	* Use correct color range in mcstrand by Richard Haines.

 .gitignore                 |    1 +
 policycoreutils-rhat.patch |   67 ++++++++++++++++++++++++++++++++++++++-----
 policycoreutils.spec       |   18 +++++++++--
 sources                    |    2 +-
 4 files changed, 75 insertions(+), 13 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 6f6bed7..1eb6044 100644
--- a/.gitignore
+++ b/.gitignore
@@ -223,3 +223,4 @@ sepolgen-1.0.23.tgz
 policycoreutils-2.0.83.tgz
 /policycoreutils-2.0.84.tgz
 /policycoreutils-2.0.85.tgz
+/policycoreutils-2.0.86.tgz
diff --git a/policycoreutils-rhat.patch b/policycoreutils-rhat.patch
index e49a441..357171f 100644
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@@ -3194,10 +3194,10 @@ index 3f9efba..7c6d75a 100644
 +/etc/selinux/{SELINUXTYPE}/seusers
  
 diff --git a/policycoreutils/scripts/fixfiles b/policycoreutils/scripts/fixfiles
-index ae519fc..0890811 100755
+index ae519fc..7d21ea3 100755
 --- a/policycoreutils/scripts/fixfiles
 +++ b/policycoreutils/scripts/fixfiles
-@@ -21,6 +21,25 @@
+@@ -21,6 +21,44 @@
  # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  
  #
@@ -3210,12 +3210,31 @@ index ae519fc..0890811 100755
 +    grep --silent "$i ".*seclabel /proc/self/mounts && echo $i
 +done
 +}
-+
++exclude_dirs_from_relabelling() {
++    exclude_from_relabelling= 
++    if [ -e /etc/selinux/fixfiles_exclude_dirs ]
++    then
++        while read i
++        do
++          # skip blank line and comment
++          # skip not absolute path
++          # skip not directory
++          [ -z "${i}" ] && continue
++          [[ "${i}" =~ "^[[:blank:]]*#" ]] && continue
++          [[ ! "${i}" =~ ^/.* ]] && continue
++          [[ ! -d "${i}" ]] && continue
++          exclude_from_relabelling="$exclude_from_relabelling -e $i"
++          logit "skipping the directory $i from relabelling"
++        done < /etc/selinux/fixfiles_exclude_dirs
++    fi
++    echo "$exclude_from_relabelling"
++}
 +exclude_dirs() {
 +    exclude= 
 +    for i in /var/lib/BackupPC /home /tmp /dev; do 
 +        [ -e $i ]  && exclude="$exclude -e $i"; 
 +    done 
++    exclude="$exclude `exclude_dirs_from_relabelling`"
 +    echo "$exclude"
 +}
 +
@@ -3223,7 +3242,7 @@ index ae519fc..0890811 100755
  # Set global Variables
  #
  fullFlag=0
-@@ -35,9 +54,7 @@ SYSLOGFLAG="-l"
+@@ -35,9 +73,7 @@ SYSLOGFLAG="-l"
  LOGGER=/usr/sbin/logger
  SETFILES=/sbin/setfiles
  RESTORECON=/sbin/restorecon
@@ -3234,7 +3253,7 @@ index ae519fc..0890811 100755
  SELINUXTYPE="targeted"
  if [ -e /etc/selinux/config ]; then
      . /etc/selinux/config
-@@ -87,23 +104,10 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
+@@ -87,23 +123,10 @@ if [ -f ${PREFC} -a -x /usr/bin/diff ]; then
                    esac; \
                 fi; \
              done | \
@@ -3259,7 +3278,7 @@ index ae519fc..0890811 100755
  
  rpmlist() {
  rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' '
-@@ -121,23 +125,16 @@ if [ ! -z "$PREFC" ]; then
+@@ -121,24 +144,34 @@ if [ ! -z "$PREFC" ]; then
  fi
  if [ ! -z "$RPMFILES" ]; then
      for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do
@@ -3282,11 +3301,30 @@ index ae519fc..0890811 100755
  [ -x /usr/sbin/genhomedircon ] && /usr/sbin/genhomedircon
 -LogReadOnly
 -${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 >> $LOGFILE
+-rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
++#
++exclude_dirs="`exclude_dirs_from_relabelling`"
++if [ -n "${exclude_dirs}" ] 
++then 
++	TEMPFCFILE=`mktemp ${FC}.XXXXXXXXXX`
++	test -z "$TEMPFCFILE" && exit
++	/bin/cp -p ${FC} ${TEMPFCFILE} &>/dev/null || exit 
++	exclude_dirs=${exclude_dirs//-e/}
++	for p in ${exclude_dirs}
++	do
++       	 p="${p%/}"
++       	 p1="${p}(/.*)? -- <<none>>"
++       	 echo "${p1}" >> $TEMPFCFILE
++       	 logit "skipping the directory ${p} from relabelling"
++	done
++FC=$TEMPFCFILE
++fi
 +${SETFILES} -q ${SYSLOGFLAG} ${FORCEFLAG} $* ${FC} ${FILESYSTEMS} 2>&1 | cat >> $LOGFILE
- rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-*
++rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE
  find /tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
  find /var/tmp \( -context "*:file_t*" -o -context "*:unlabeled_t*" \) -exec chcon -t tmp_t {} \;
-@@ -146,8 +143,7 @@ exit $?
+ exit $?
+@@ -146,8 +179,7 @@ exit $?
  
  fullrelabel() {
      logit "Cleaning out /tmp"
@@ -3296,6 +3334,19 @@ index ae519fc..0890811 100755
      restore
  }
  
+diff --git a/policycoreutils/scripts/fixfiles.8 b/policycoreutils/scripts/fixfiles.8
+index dfe8aa9..0b4cbaa 100644
+--- a/policycoreutils/scripts/fixfiles.8
++++ b/policycoreutils/scripts/fixfiles.8
+@@ -29,6 +29,8 @@ new policy, or  just check whether the file contexts are all
+ as you expect.  By default it will relabel all mounted ext2, ext3, xfs and 
+ jfs file systems as long as they do not have a security context mount 
+ option.  You can use the -R flag to use rpmpackages as an alternative.
++The file /etc/selinux/fixfiles_exclude_dirs can contain a list of directories
++excluded from relabelling.
+ .P
+ .B fixfiles onboot 
+ will setup the machine to relabel on the next reboot.
 diff --git a/policycoreutils/scripts/genhomedircon.8 b/policycoreutils/scripts/genhomedircon.8
 new file mode 100644
 index 0000000..6331660
diff --git a/policycoreutils.spec b/policycoreutils.spec
index 4ae781d..aee241e 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -1,13 +1,13 @@
 %define	libauditver	1.4.2-1
-%define libsepolver 	2.0.42-3
+%define libsepolver 	2.0.43-2
 %define	libsemanagever	2.0.43-4
 %define	libselinuxver	2.0.90-3
 %define	sepolgenver	1.0.23
 
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
-Version: 2.0.85
-Release: 28%{?dist}
+Version: 2.0.86
+Release: 1%{?dist}
 License: GPLv2
 Group:	 System Environment/Base
 # Based on git repository with tag 20101221
@@ -163,7 +163,7 @@ Requires(post): /sbin/chkconfig
 BuildRequires: libcap-ng-devel
 
 %description sandbox
-The policycoreutils-python package contains the scripts to create graphical sandboxes
+The policycoreutils-sandbox package contains the scripts to create graphical sandboxes
 
 %files sandbox
 %defattr(-,root,root,-)
@@ -331,6 +331,16 @@ fi
 exit 0
 
 %changelog
+* Tue Apr 29 2011 Dan Walsh <dwalsh at redhat.com> 2.0.86-1
+- Update to upstream 
+	* Use correct color range in mcstrand by Richard Haines.
+
+* Mon Apr 11 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-30
+- Add Elia Pinto patches to allow user to specify directories to ignore
+
+* Tue Apr 5 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-29
+- Fix policycoreutils-sandbox description
+
 * Tue Mar 29 2011 Dan Walsh <dwalsh at redhat.com> 2.0.85-28
 - rsynccmd should run outside of execcon
 
diff --git a/sources b/sources
index 000467f..c65b198 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
 49faa2e5f343317bcfcf34d7286f6037  sepolgen-1.0.23.tgz
 59d33101d57378ce69889cc078addf90  policycoreutils_man_ru2.tar.bz2
-92fa615448d443b22c4ad6ecf89fc974  policycoreutils-2.0.85.tgz
+13d864a8a6f8a933ef7aee7baf4a9662  policycoreutils-2.0.86.tgz

More information about the scm-commits mailing list